In Check Point interrogation, we’ve recently seen this issue:
- We have an interrogation script, detect-management-interrogation-mds.ind, which includes the requirement ‘role-firewall: neq: “true”’
- But, this script is running before the interrogation that writes the ‘role-firewall: true’ tag for firewalls
- So, the detect-management-interrogation-mds.ind is unnecessarily (and nerve-wrackingly) running against a whole bunch of firewalls
Any way to prevent this?